There has been a surge in brute-force attacks targeting Citrix NetScaler. The attacks are mainly originating from a cloud provider based in Hong-Kong, their IP ranges are available in the article linked below and should be blocked to help mitigate the attack on vulnerable systems. The attacks are leveraging zero-day exploits that were recently addressed in updates available from Citrix. Vulnerable systems, as always, should be updated as soon as possible.
Additional reading here!
Relevant CVE-2024-8534